Encryption/decryption for data storage system with snapshot capability
US9076021B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Jul 16, 2012 |
| Grant date | Jul 7, 2015 |
| Priority date | — |
| Expiry date | Feb 11, 2033 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2107
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method for managing access to encrypted data of a data storage system storing snapshot data, a snapshot providing a previous point-in-time copy of data in a volume of the data storage system, wherein the data storage system utilizes changing encryption keys for write data. For each snapshot, the method stores at least one decryption key identifier for each decryption key corresponding to an encryption key utilized to encrypt data written to a volume since a previous snapshot was committed to disk, and associates the at least one decryption key identifier with the snapshot. A key table associating decryption key identifiers with corresponding decryption keys is provided, and based on the key table and the at least one decryption key identifier associated with the snapshot, one or more decryption keys required for accessing encrypted data associated with the snapshot are determined. Decryption key identifiers may be stored in snapshot metadata.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.